Patent number 8527769 is assigned to
The following quote was obtained by the news editors from the background information supplied by the inventors: "The use of decentralized distributed systems is growing. These systems typically comprise weakly connected nodes and are mostly decentralized. Examples of decentralized distributed systems include online games, messaging applications, cooperative data sharing systems such as peer-to-peer file sharing systems, and weakly consistent replication systems. While the decentralized nature of such systems and weakly connected nodes provide many advantages in distributed networking environments such as the Internet, there are also problems associated with such systems.
"One such problem with distributed systems is known as a read-denial attack. In a read-denial attack, a malicious node may read an incoming message and then may falsely claim not to have done so. The node may eventually claim to have read the message, but at a different logical time, or it may claim never to have read the message at all. This type of attack is challenging to prevent because receiving and reading the message happens locally on a node without any outside observer.
"Another problem with distributed systems is known as a taint attack. In a taint attack, a node may be considered tainted by information in a message sent to it, even if the message was unwanted and went unread. For sensitive information, especially in legal or financial settings, merely having received confidential information may result in a taint against a user associated with the node. To counter this attack, the node may protect itself by proving that a tainted message was never read, although it may have been received."
In addition to the background information obtained for this patent, VerticalNews journalists also obtained the inventors' summary information for this patent: "A cryptographically-secure component is used to provide read-undeniability (also referred to as read-indisputability) and deletion-verifiability (also referred to as verifiable-deletion) for messaging applications in a distributed system. A cryptographically-secure component is implemented at each node of the distributed system. When a messaging application of a sending node desires to send a message to a messaging application of a receiving node, the sending node requests an encryption key from the receiving node. The cryptographically-secure component of the receiving node generates an encryption key that is bound to a state of the receiving node that is associated with reading the message. The messaging application of the sending node then encrypts the message using the encryption key and sends the encrypted message to the messaging application of the receiving node. Because the encryption key used to encrypt the message is bound to the state associated with reading the message by the cryptographically-secure component, if the receiving node desires to decrypt and read the encrypted message, the receiving node may first advance its state to the bound state in the cryptographically-secure component to retrieve the decryption key. Alternatively, if the receiving node desires to delete the encrypted message, the receiving node may advance its state to a deletion state associated with the encrypted message, after which the decryption key will no longer be available. The cryptographically-secure component may later generate a state digest that serves as a proof that the receiving node either read or deleted the encrypted message.
Most Popular Stories
- Updates on Everglades' Stranded Pilot Whales
- NSA Tracks 5 Billion Cellphone Records a Day
- Hezbollah Chief's Assassination Claimed by Sunni Group
- Stolen Cobalt-60 Recovered in Mexico
- Wind Power and Wildlife Can Coexist
- Ford Mustang Still Packs Power
- Allstate Seeks to Invest in Minority Firms
- Sarmiento to Handle Greeley Latin Ops
- First-time Jobless Claims Drop Below 300,000
- White House Pushes to Extend Unemployment Benefits